Public networks are used as a conduit for passing a variety of data among computers and other electrical devices. Confidential information, protected works of art (e.g., copyrighted music, literature and movies), and personal information (e.g., credit card information, social security information, bank accounts, money transfers, etc.) are often exchanged electronically. The sensitivity of some of this data, in conjunction with the nature of the Internet, requires systems and methods for securing the transfer of data.
There are a number of secure data transfer protocols that are used today. Some of these protocols verify the authenticity of the device or devices which are receiving and/or providing the sensitive data. However, different types of data, devices and client-server arrangements may require different, more specialized protocols.
One way to verify the authenticity of a remote device and conduct secure transactions over a public network is to use public key encryption, also referred to as asymmetric encryption. Public key encryption is a form of cryptography that allows two entities, such as devices, to securely communicate with each other using public keys and private keys. Each device has its own public key and its own private key. The public key, as its name suggests, is available to any apparatus interested in communicating with the device and is used to encrypt a message. The private key, on the other hand, is kept secret and is used to decrypt a message.
When using public key encryption algorithms, because the public key is made widely available, it is important to confirm the authenticity of the public key. Additional techniques (for example, message authentication codes and digital signatures) may be used to confirm the authenticity of the public key. Public key encryption, together with these additional techniques, is widely used today to provide data origin authentication and/or data integrity.
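As an added illustration of the two paragraphs above (not part of the original text), the following Python example has a sender check a message authentication code over a device's public key before encrypting to it, and shows a different key presented with the same tag being refused. The pre-shared MAC key, the key encoding and the fixed primes are assumptions made for the example; unpadded textbook RSA is used only so that it runs with the standard library.

```python
import hashlib
import hmac

# Toy textbook RSA for illustration only: fixed Mersenne primes, no padding.
P, Q = 2**61 - 1, 2**89 - 1
E = 65537

def make_keypair(p=P, q=Q, e=E):
    """Return (public, private): public is (n, e), private is (n, d)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def encode_public(pub):
    """Canonical byte encoding of a public key, used as the MAC input."""
    n, e = pub
    return f"{n:x}:{e:x}".encode()

def tag_public(pub, mac_key):
    """HMAC-SHA256 tag binding the public key to the shared MAC key."""
    return hmac.new(mac_key, encode_public(pub), hashlib.sha256).digest()

def encrypt_if_authentic(message, pub, tag, mac_key):
    """Encrypt with the public key only after its tag verifies."""
    if not hmac.compare_digest(tag, tag_public(pub, mac_key)):
        raise ValueError("public key failed authentication")
    n, e = pub
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too large for this modulus")
    return pow(m, e, n)

def decrypt(ciphertext, priv, length):
    n, d = priv  # only the holder of the private key can do this step
    return pow(ciphertext, d, n).to_bytes(length, "big")

def demo():
    mac_key = b"constructed-preshared-mac-key"   # constructed sample value
    pub, priv = make_keypair()
    tag = tag_public(pub, mac_key)               # published with the key
    secret = bytes(range(16))                    # constructed 16-byte message
    recovered = decrypt(encrypt_if_authentic(secret, pub, tag, mac_key),
                        priv, len(secret))
    other_pub, _ = make_keypair(p=2**31 - 1, q=2**61 - 1)  # not the device's key
    try:
        encrypt_if_authentic(secret, other_pub, tag, mac_key)
        rejected = False
    except ValueError:
        rejected = True
    return recovered == secret, rejected
```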
As effective as public key encryption algorithms are, there are none that are efficient for every intended purpose. Many of the current public key encryption algorithms require, for example, substantial processor bandwidth and do not utilize multiple servers that may be available.